Tuesday, October 31, 2006

Advanced Radio Technologies

If you want to get a good idea of where the technologies are going, you need to read documents like Proceedings of the International Symposium on Advanced Radio Technologies (from March of this year). It contains a number of papers on various radio and spectrum issues.

Note: NTIA is to the national government as the FCC is to the general public. The common point between the two is the State Department.

Monday, October 30, 2006

Johnny Long on CNBC

Set up your Tivos. Johnny Long is going to be in a documentary on 1 Nov. (9-11 p.m.) on CNBC called "Big Brother, Big Business". The local Cox schedule shows a replay at midnight. Here's his announcement.

Firmware-level attacks

Here is a paper from Mike Kershaw and Josh Wright (who I saw talk this past week) which discusses attacks on the interface firmware (drivers).

Sunday, October 29, 2006

Analysis of 802.1x

Hopefully things have improved since this analysis of 802.1x but I'm not holding my breath.

Wiki update

For those interested, I've updated the software behind the wiki. For those affected, please bear with me while I make minor adjustments.

Saturday, October 28, 2006


Earlier this month Netflix used a contest to test security on one of their datasets. From the University of Texas comes a paper entitled "How to Break Anonymity of the Netflix Prize Dataset" which describes the analysis performed on the dataset.

Friday, October 27, 2006


At the ISSA meeting last night, one member complained that a company he'd approached for security services (one of those where it is mandatory that they have security services) rationalized that they didn't need commercial services because they'd hired a kid hacker who protects "their stuff". Being my cynical self, I asked, "So did they hire an arsonist to keep the place from burning down?" It's crude but I've never claimed not to be a relative of Loud-Fat-Bloke...

Hey, it could happen! Nice slogan though: "Security isn't thin"

Thursday, October 26, 2006

NBTScan and MySQL

Brendan in Australia recently asked for my scripts which tie NBTScan to MySQL, which prompted me to start working on the wiki entries lost during the crash and move that occurred earlier this year.

In any case, here are my notes about the tool and, to start, code to push the info into a MySQL database. Like most of the rest of the wiki, it's unfinished work but it should give at least a couple of you a good place to start from.

I'll add more as I redevelop it or re-discover old copies. I guess there can be such a thing as too many backups...

Tuesday, October 24, 2006

Slowing down

After over 3 years of writing a blog entry for each and every day, I've decided to slow things down a bit (at least for a while). Finding links and/or writing about enough security or computer-related items to have an entry per day for 1000+ days straight is work. So much so that I no longer enjoy it that much. It also conflicted with the rest of my life and things I was working on for friends.

In any case, I'm going to try a slightly different approach.

The short version: I will when I feel like it.

The slightly longer version: I will blog when I have something to write about. The format will not likely change, I'll still point out interesting things and, on occasion, vent about some boneheaded stunt.

I just want it to feel less like work.

If someone else wants to join in by adding in their own entries here, give me a yell. We can work something out. (I do have a few guidelines though.)

Thursday, October 19, 2006


[*sigh*] Maybe it's my engineering background. Maybe it's having worked 20 years in engineering and 10 in security. Maybe it's hanging out with Rob & company. Most likely it's a combination of all of the above. In any case, for any type of system, general engineering rules apply. The topic of discussion this evening is "consolidation" as it applies to network management. A few newer people tend to believe that the one-ring-to-rule-them-all approach is the final solution. I disagree.

Consolidation of resources can be a good thing. It allows for easier management and cheaper operations.

However, past a certain point, it can also be a bad (or very bad) thing. Consolidation of resources without taking into account operations like security or unique organizational requirements (e.g., specific data sets) is poor practice. While collections of smaller (and diverse) systems are more expensive to manage, the overall operation is more flexible and much more tolerant of failure.

Think of it this way --> over the length of your lifetime, which do you think you'd be more tolerant of: 100 paper cuts or 1 accident with a guillotine?

Wednesday, October 18, 2006

Access (property) rights

Wow. I'm amazed that this article, about port scanning being a violation of property rights, actually made it into the magazine, hakin9. It's about applying auld law against virtual access to new technologies. (This always leads to trouble.)

There are a serious number of flaws in the logic and I get the impression that he's paraphrasing to justify his logic.

Tuesday, October 17, 2006

Too far

ZDNet's hardware blog has an article on how the new copy protection prevents DVDs from being played in PCs. I think the movie industry should take a very close look at what they're doing. Some of those DVDs do not play in my 6-month-old DVD player either.

File this one under "shooting one's self in the foot"...

Monday, October 16, 2006

Birthday rebuild

Sorry for the bit of offline inactivity again. I celebrated my birthday by getting a new toy and pulling all of the cables from behind the desks in the office. It's taken this long to rewire the computers, relocate the APs and the printer and to install an OS compatible with the new toy (the Linux version of SageTV). I haven't had a chance to play with it but will let you know.

Thursday, October 12, 2006

find and xargs

The power behind command line *nix is that most of the tools do one job well and they can be chained together. Dan Miessler has a quick tutorial on find and xargs that will prove useful in a number of situations. This is one of those really valuable techniques that you have to know if you deal with a lot of text files (think: email, blogs, logs, etc.).
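
A find/xargs chain over log files, as an added example (not taken from the linked tutorial or from this blog's own scripts); the directory layout, function names and log lines are constructed. It compares the null-delimited form (`-print0` with `-0`) against the whitespace-split form, which silently skips any file whose path contains a space.

```shell
#!/bin/sh
# Added example; function names, paths and log lines are constructed.

# make_sample: build a throwaway tree with one path that contains a space.
make_sample() {
    d=$(mktemp -d) || return 1
    mkdir -p "$d/web server"
    printf '%s\n' \
        'Oct 12 10:01:02 host sshd[123]: Failed password for root from 192.0.2.10' \
        'Oct 12 10:01:09 host sshd[123]: Accepted password for alice from 192.0.2.11' \
        > "$d/auth.log"
    printf '%s\n' \
        'Oct 12 10:02:00 host sshd[456]: Failed password for admin from 192.0.2.10' \
        'Oct 12 10:02:03 host sshd[456]: Failed password for admin from 192.0.2.10' \
        > "$d/web server/access.log"
    printf 'Failed password (a note, not a log)\n' > "$d/notes.txt"
    printf '%s\n' "$d"
}

# files_matching DIR PATTERN: *.log files under DIR containing PATTERN.
# -print0 / -0 pass names NUL-terminated, so spaces and newlines are safe.
files_matching() {
    find "$1" -type f -name '*.log' -print0 | xargs -0 grep -l -e "$2" | sort
}

# files_matching_naive: same search with whitespace-split names (the bug).
files_matching_naive() {
    find "$1" -type f -name '*.log' | xargs grep -l -e "$2" 2>/dev/null | sort
}

# count_matches DIR PATTERN: matching lines across all *.log files.
count_matches() {
    find "$1" -type f -name '*.log' -print0 | xargs -0 cat | grep -c -e "$2"
}

demo=$(make_sample)
echo "null-delimited: $(files_matching "$demo" 'Failed password' | wc -l) files"
echo "naive:          $(files_matching_naive "$demo" 'Failed password' | wc -l) files"
echo "matching lines: $(count_matches "$demo" 'Failed password')"
rm -rf "$demo"
```

For log review the naive form is the dangerous one: it reports fewer hits without any visible error once stderr is discarded.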

Saturday, October 7, 2006

Thursday, October 5, 2006

Wednesday, October 4, 2006

Kernel rebuilds

Note to self: When building a kernel from scratch (this may or may not be unique to dual-core 64-bit systems), the initial reboot crashes but a complete shutdown and restart works fine.

Something to investigate at a later date...

Tuesday, October 3, 2006


For those that missed it, Volume 5 of Uninformed is out.


Concerning the bill to make it illegal for banks and credit card companies (ccc's) to make payments to online gambling sites: I don't believe that this will fix the problem. It will shift to banks/ccc's making payments to overseas banks making payments to gambling sites. It makes the money trail longer and that much harder to trace. I think more is lost than gained in the passage of this bill.

Monday, October 2, 2006

Hot or not?

One rule of thumb: Terrorist attacks succeed because the attack occurs where we don't expect it, either at a weak spot in a defense or some place where we don't believe that it would ever happen.

So now I'm torn. Is ZDNet's article on suicide hackers completely silly because the attack is so far-fetched (the attacker doesn't get martyrdom because he doesn't die) or is it likely to occur and succeed for the same reasoning?

Sunday, October 1, 2006

Usenix 15

Various presentations from Usenix 15 are available online. (MP3s, notes and slides)